Request for comments on security of authentication/authorisation UIs



Hello,

Currently on the Wayland ML, a bunch of devs are discussing security issues [0,1] and the need to restrict userland processes' privileges to e.g. take screenshots, act as virtual keyboards or read keyboard events for other apps, etc. (basically introducing privileged interfaces that require explicit user authorisation). We've also been discussing how the introduction of Wayland allows for redesigning and securing authentication and authorisation UIs.

This has led me to question the way authorisation and authentication are currently done, and to write a couple of proposed requirements for both tasks. I'd be very keen on hearing the opinions of various DE developers on a blog post I've written [2], which focuses a lot on the infrastructure needs (both in Wayland and desktop environments). I'd also like to debate UX aspects of authorisation and authentication UIs. As far as I'm aware, GNOME Shell implements a polkit agent and so relies on the polkit infrastructure for all its auth needs. Given the proposals I made (which really are ideas that need experimentation and refinement), what would fit within the GNOME way of doing things? What's the viewpoint of the UX people in GNOME? Can you spot any missing technical (security or UX) requirements in the post? Anything you disagree with and want me to review?

Thanks,

[0] http://lists.freedesktop.org/archives/wayland-devel/2014-February/013359.html
[1] http://mupuf.org/blog/2014/02/19/wayland-compositors-why-and-how-to-handle/
[2] http://mupuf.org/blog/2014/03/18/managing-auth-ui-in-linux/
--
Steve Dodier-Lazaro
PhD student in Information Security
University College London
Dept. of Computer Science
Malet Place Engineering, 6.07
Gower Street, London WC1E 6BT
OpenPGP : 1B6B1670

